I’ve just read ‘The Linux Security Circus: On GUI isolation’
It struck me that a linux keylogger is perfectly easy to write – I had previously (naïvely) thought such a program would only work given root permissions.
Alas! It’s stupidly easy.
The code simply calls
xinput test [id of keyboard device] and parses out the keycodes. The id of your keyboard device can be found from the device listing given by